Computer Security


CA Anti-Virus multiple security vulnerabilities
updated since 09.10.2009
Published:13.10.2009
SecurityVulns ID:10305
Type:remote
Threat Level:6/10
Description:Multiple vulnerabilities in RAR archive parsing.
Affected:CA : eTrust Intrusion Detection 3.0
 CA : CA Internet Security Suite 2007
 CA : ARCserve Backup 11.5
 CA : CA Internet Security Suite 2008
 CA : CA Protection Suites 3.1
 CA : CA Anti-Virus 7.1
 CA : CA Anti-Virus 8.1
 CA : CA Anti-Virus 2007
 CA : CA Anti-Virus 2008
 CA : CA Network and Systems Management 11.1
 CA : CA Anti-Virus 2009
 CA : CA Internet Security Suite 2009
 CA : CA Threat Manager 8.1
 CA : CA Secure Content Manager 8.0
 CA : ARCserve Backup 12.5
 CA : CA Common Services 11.1
CVE:CVE-2009-3588 (Unspecified vulnerability in the arclib component in the Anti-Virus engine in CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 through r8.1; Anti-Virus 2007 (v8) through 2009; eTrust EZ Antivirus r7.1; Internet Security Suite 2007 (v3) through Plus 2009; and other CA products allows remote attackers to cause a denial of service via a crafted RAR archive file that triggers stack corruption, a different vulnerability than CVE-2009-3587.)
 CVE-2009-3587 (Unspecified vulnerability in the arclib component in the Anti-Virus engine in CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 through r8.1; Anti-Virus 2007 (v8) through 2009; eTrust EZ Antivirus r7.1; Internet Security Suite 2007 (v3) through Plus 2009; and other CA products allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted RAR archive file that triggers heap corruption, a different vulnerability than CVE-2009-3588.)
Original document:Thierry Zoller, [G-SEC 46-2009] Computer Associates multiple products arbritary code execution (13.10.2009)
 CA, CA20091008-01: Security Notice for CA Anti-Virus Engine (09.10.2009)

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:13.10.2009
SecurityVulns ID:10307
Type:remote
Threat Level:5/10
Description:PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
Affected:DJANGO : python-django 1.1
 DEDECMS : DEDECMS 5.1
Original document:info_(at)_securitylab.ir, DEDECMS v5.1 Sql Injection Vulnerability (13.10.2009)
 DEBIAN, [SECURITY] [DSA 1905-1] New python-django packages fix denial of service (13.10.2009)

Palm Pre DoS
Published:13.10.2009
SecurityVulns ID:10309
Type:client
Threat Level:4/10
Description:Crash on HTML parsing.
Affected:PALM : WebOS 1.1
Original document:palmprehacker_(at)_gmail.com, Palm Pre WebOS version <= 1.1 Floating Point Exception (13.10.2009)

kvm privilege escalation
Published:13.10.2009
SecurityVulns ID:10310
Type:local
Threat Level:5/10
Description:kvm_emulate_hypercall doesn't filter MMU hypercalls from ring 0.
Affected:LINUX : kernel 2.6
CVE:CVE-2009-3290 (The kvm_emulate_hypercall function in arch/x86/kvm/x86.c in KVM in the Linux kernel 2.6.25-rc1, and other versions before 2.6.31, when running on x86 systems, does not prevent access to MMU hypercalls from ring 0, which allows local guest OS users to cause a denial of service (guest kernel crash) and read or write guest kernel memory via unspecified "random addresses.")
 CVE-2008-5714 (Off-by-one error in monitor.c in Qemu 0.9.1 might make it easier for remote attackers to guess the VNC password, which is limited to seven characters where eight was intended.)
Original document:DEBIAN, [SECURITY] [DSA 1907-1] New kvm packages fix several vulnerabilities (13.10.2009)

Microsoft Windows Media Player buffer overflow
Published:13.10.2009
SecurityVulns ID:10312
Type:client
Threat Level:6/10
Description:Buffer overflow in .ASF file parsing.
Affected:MICROSOFT : Windows 2000 Server
 MICROSOFT : Windows 2000 Professional
 MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
CVE:CVE-2009-2527 (Heap-based buffer overflow in Microsoft Windows Media Player 6.4 allows remote attackers to execute arbitrary code via (1) a crafted ASF file or (2) crafted streaming content, aka "WMP Heap Overflow Vulnerability.")
Original document:MICROSOFT, Microsoft Security Bulletin MS09-052 - Critical Vulnerability in Windows Media Player Could Allow Remote Code Execution (974112) (13.10.2009)
Files:Microsoft Security Bulletin MS09-052 - Critical Vulnerability in Windows Media Player Could Allow Remote Code Execution (974112)

Microsoft CryptoAPI certificate spoofing
Published:13.10.2009
SecurityVulns ID:10314
Type:library
Threat Level:6/10
Description:Certificate name spoofing with NULL byte.
Affected:MICROSOFT : Windows 2000 Server
 MICROSOFT : Windows 2000 Professional
 MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
 MICROSOFT : Windows Vista
 MICROSOFT : Windows 2008 Server
 MICROSOFT : Windows 7
CVE:CVE-2009-2511 (Integer overflow in the CryptoAPI component in Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows man-in-the-middle attackers to spoof arbitrary SSL servers and other entities via an X.509 certificate that has a malformed ASN.1 Object Identifier (OID) and was issued by a legitimate Certification Authority, aka "Integer Overflow in X.509 Object Identifiers Vulnerability.")
 CVE-2009-2510 (The CryptoAPI component in Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7, as used by Internet Explorer and other applications, does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, aka "Null Truncation in X.509 Common Name Vulnerability," a related issue to CVE-2009-2408.)
Original document:MICROSOFT, Microsoft Security Bulletin MS09-056 - Important Vulnerabilities in Windows CryptoAPI Could Allow Spoofing (974571) (13.10.2009)
Files:Microsoft Security Bulletin MS09-056 - Important Vulnerabilities in Windows CryptoAPI Could Allow Spoofing (974571)

Microsoft Windows Indexing Service ActiveX memory corruption
Published:13.10.2009
SecurityVulns ID:10315
Type:client
Threat Level:7/10
Affected:MICROSOFT : Windows 2000 Server
 MICROSOFT : Windows 2000 Professional
 MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
CVE:CVE-2009-2507 (A certain ActiveX control in the Indexing Service in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 does not properly process URLs, which allows remote attackers to execute arbitrary programs via unspecified vectors that cause a "vulnerable binary" to load and run, aka "Memory Corruption in Indexing Service Vulnerability.")
Original document:MICROSOFT, Microsoft Security Bulletin MS09-057 - Important Vulnerability in Indexing Service Could Allow Remote Code Execution (969059) (13.10.2009)
Files:Microsoft Security Bulletin MS09-057 - Important Vulnerability in Indexing Service Could Allow Remote Code Execution (969059)

Microsoft Windows LSA DoS
Published:13.10.2009
SecurityVulns ID:10317
Type:remote
Threat Level:6/10
Description:Crash on NTLM authentication parsing.
Affected:MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
 MICROSOFT : Windows Vista
 MICROSOFT : Windows 2008 Server
 MICROSOFT : Windows 7
CVE:CVE-2009-2524 (Integer underflow in the NTLM authentication feature in the Local Security Authority Subsystem Service (LSASS) in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows remote attackers to cause a denial of service (reboot) via a malformed packet, aka "Local Security Authority Subsystem Service Integer Overflow Vulnerability.")
Original document:MICROSOFT, Microsoft Security Bulletin MS09-059 - Important Vulnerability in Local Security Authority Subsystem Service Could Allow Denial of Service (975467) (13.10.2009)
Files:Microsoft Security Bulletin MS09-059 - Important Vulnerability in Local Security Authority Subsystem Service Could Allow Denial of Service (975467)

Microsoft Active Template Library (ATL) multiple security vulnerabilities
updated since 29.07.2009
Published:13.10.2009
SecurityVulns ID:10106
Type:library
Threat Level:9/10
Description:Memory corruptions, information leak, initialization problem, leading to killbit protection bypass.
Affected:MICROSOFT : Windows 2000 Server
 MICROSOFT : Windows 2000 Professional
 MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
 MICROSOFT : Windows Vista
 MICROSOFT : Windows 2008 Server
CVE:CVE-2009-2495 (The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold and SP1, and Visual C++ 2005 SP1 and 2008 Gold and SP1 does not properly enforce string termination, which allows remote attackers to obtain sensitive information via a crafted HTML document with an ATL (1) component or (2) control that triggers a buffer over-read, related to ATL headers and buffer allocation, aka "ATL Null String Vulnerability.")
 CVE-2009-2493 (The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold and SP1, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2; does not properly restrict use of OleLoadFromStream in instantiating objects from data streams, which allows remote attackers to execute arbitrary code via a crafted HTML document with an ATL (1) component or (2) control, related to ATL headers and bypassing security policies, aka "ATL COM Initialization Vulnerability.")
 CVE-2009-0901 (The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2; does not prevent VariantClear calls on an uninitialized VARIANT, which allows remote attackers to execute arbitrary code via a malformed stream to an ATL (1) component or (2) control, related to ATL headers and error handling, aka "ATL Uninitialized Object Vulnerability.")
Original document:MICROSOFT, Microsoft Security Bulletin MS09-055 - Critical Cumulative Security Update of ActiveX Kill Bits (973525) (13.10.2009)
 IDEFENSE, iDefense Security Advisory 07.28.09: Multiple Vendor Microsoft ATL/MFC ActiveX Security Bypass Vulnerability (20.08.2009)
 IDEFENSE, iDefense Security Advisory 07.28.09: Multiple Vendor Microsoft ATL/MFC ActiveX Information Disclosure Vulnerability (20.08.2009)
 IDEFENSE, iDefense Security Advisory 08.11.09: Multiple Vendor Microsoft ATL/MFC ActiveX Type Confusion Vulnerability (20.08.2009)
 MICROSOFT, Microsoft Security Bulletin MS09-037 - Critical Vulnerabilities in Microsoft Active Template Library (ATL) Could Allow Remote Code Execution (973908) (11.08.2009)
 CISCO, Cisco Security Advisory: Active Template Library (ATL) Vulnerability (29.07.2009)
 CERT, US-CERT Technical Cyber Security Alert TA09-209A -- Microsoft Windows, Internet Explorer, and Active Template Library (ATL) Vulnerabilities (29.07.2009)
 MICROSOFT, Microsoft Security Bulletin MS09-035 - Moderate Vulnerabilities in Visual Studio Active Template Library Could Allow Remote Code Execution (969706) (29.07.2009)
Files:Microsoft Security Bulletin MS09-037 - Critical Vulnerabilities in Microsoft Active Template Library (ATL) Could Allow Remote Code Execution (973908)
 Microsoft Security Bulletin MS09-055 - Critical Cumulative Security Update of ActiveX Kill Bits (973525)
 Microsoft Security Bulletin MS09-060 - Critical Vulnerabilities in Microsoft Active Template Library (ATL) ActiveX Controls for Microsoft Office Could Allow Remote Code Execution (973965)
 Microsoft Security Bulletin MS09-035 - Moderate Vulnerabilities in Visual Studio Active Template Library Could Allow Remote Code Execution (969706)

Microsoft Windows Media Runtime multiple security vulnerabilities
updated since 13.10.2009
Published:14.10.2009
SecurityVulns ID:10311
Type:library
Threat Level:6/10
Description:Buffer overflows, memory corruptions.
Affected:MICROSOFT : Windows 2000 Server
 MICROSOFT : Windows 2000 Professional
 MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
 MICROSOFT : Windows Vista
 MICROSOFT : Windows 2008 Server
CVE:CVE-2009-2525 (Microsoft Windows Media Runtime, as used in DirectShow WMA Voice Codec, Windows Media Audio Voice Decoder, and Audio Compression Manager (ACM), does not properly initialize unspecified functions within compressed audio files, which allows remote attackers to execute arbitrary code via (1) a crafted media file or (2) crafted streaming content, aka "Windows Media Runtime Heap Corruption Vulnerability.")
 CVE-2009-0555 (Microsoft Windows Media Runtime, as used in DirectShow WMA Voice Codec, Windows Media Audio Voice Decoder, and Audio Compression Manager (ACM), does not properly process Advanced Systems Format (ASF) files, which allows remote attackers to execute arbitrary code via a crafted audio file that uses the Windows Media Speech codec, aka "Windows Media Runtime Voice Sample Rate Vulnerability.")
Original document:ifsecure_(at)_gmail.com, Windows Media Audio Voice remote code execution (14.10.2009)
 ZDI, ZDI-09-069: Microsoft Windows Media Player Audio Voice Sample Rate Memory Corruption Vulnerability (14.10.2009)
 MICROSOFT, Microsoft Security Bulletin MS09-051 - Critical Vulnerabilities in Windows Media Runtime Could Allow Remote Code Execution (975682) (13.10.2009)
Files:Microsoft Security Bulletin MS09-051 - Critical Vulnerabilities in Windows Media Runtime Could Allow Remote Code Execution (975682)

Microsoft Internet Explorer multiple security vulnerabilities
updated since 13.10.2009
Published:14.10.2009
SecurityVulns ID:10313
Type:client
Threat Level:7/10
Description:Multiple memory corruptions.
Affected:MICROSOFT : Windows 2000 Server
 MICROSOFT : Windows 2000 Professional
 MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
 MICROSOFT : Windows Vista
 MICROSOFT : Windows 2008 Server
 MICROSOFT : Windows 7
CVE:CVE-2009-2531 (Microsoft Internet Explorer 6, 6 SP1, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability," a different vulnerability than CVE-2009-2530.)
 CVE-2009-2530 (Microsoft Internet Explorer 6, 6 SP1, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability," a different vulnerability than CVE-2009-2531.)
 CVE-2009-2529 (Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, 7, and 8 does not properly handle argument validation for unspecified variables, which allows remote attackers to execute arbitrary code via a crafted HTML document, aka "HTML Component Handling Vulnerability.")
 CVE-2009-1547 (Unspecified vulnerability in Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, and 7 allows remote attackers to execute arbitrary code via a crafted data stream header that triggers memory corruption, aka "Data Stream Header Corruption Vulnerability.")
Original document:ZDI, ZDI-09-071: Microsoft Internet Explorer writing-mode Memory Corruption Vulnerability (14.10.2009)
 ZDI, ZDI-09-070: Microsoft Internet Explorer Event Object Type Double-Free Vulnerability (14.10.2009)
 Berend-Jan Wever, MSIE Content-Encoding: deflate memory corruption vulnerability (14.10.2009)
 MICROSOFT, Microsoft Security Bulletin MS09-054 - Critical Cumulative Security Update for Internet Explorer (974455) (13.10.2009)
Files:Microsoft Security Bulletin MS09-054 - Critical Cumulative Security Update for Internet Explorer (974455)

Microsoft Windows kernel multiple security vulnerabilities
updated since 13.10.2009
Published:17.10.2009
SecurityVulns ID:10316
Type:local
Threat Level:6/10
Description:Integer overflow, NULL pointer dereference, exception handler vulnerability.
Affected:MICROSOFT : Windows 2000 Server
 MICROSOFT : Windows 2000 Professional
 MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
 MICROSOFT : Windows Vista
 MICROSOFT : Windows 2008 Server
CVE:CVE-2009-2517 (The kernel in Microsoft Windows Server 2003 SP2 does not properly handle unspecified exceptions when an error condition occurs, which allows local users to cause a denial of service (reboot) via a crafted application, aka "Windows Kernel Exception Handler Vulnerability.")
 CVE-2009-2516 (The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold and SP1, and Server 2008 Gold does not properly validate data sent from user mode, which allows local users to gain privileges via a crafted PE .exe file that triggers a NULL pointer dereference during chain traversal, aka "Windows Kernel NULL Pointer Dereference Vulnerability.")
 CVE-2009-2515 (Integer underflow in the kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows local users to gain privileges via a crafted application that triggers an incorrect truncation of a 64-bit integer to a 32-bit integer, aka "Windows Kernel Integer Underflow Vulnerability.")
Original document:Nsfocus Security Team, NSFOCUS SA2009-03 : Windows Kernel Malformed PE File Remote DoS Vulnerability (17.10.2009)
 MICROSOFT, Microsoft Security Bulletin MS09-058 - Important Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (971486) (13.10.2009)
Files:Microsoft Security Bulletin MS09-058 - Important Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (971486)

Quick Heal Antiviral products weak permissions
updated since 13.10.2009
Published:16.12.2009
SecurityVulns ID:10308
Type:local
Threat Level:5/10
Description:Weak permissions on installation folder.
Affected:QUICKHEAL : Quick Heal Antivirus 2009
 QUICKHEAL : Quick Heal Total Security 2009
 QUICKHEAL : Quick Heal Antivirus 2010
 QUICKHEAL : Quick Heal Total Security 2010
Original document:Protek Research Lab, {PRL} QuickHeal antivirus 2010 Local Privilege Escalation (16.12.2009)
 ShineShadow, Quick Heal Local Privilege Escalation Vulnerability (13.10.2009)

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod